Acknowledgements
I would like to thank STL Digital, who proposed the various participations and was passionate towards the project and the driving force and an important factor in the completion of this seminar. STL guided us throughout the participation, seminar and reports along with suggestions during the submissions.
I would also like to thank you for being the co-opted research papers in assessing the seminar and their valuable inputs on the results obtained in this experiment.
Summary
Cyber security is how individuals and organisations reduce the risk of cyber attacks. Cyber security’s core function is to protect the devices we all use (smartphones, laptops, tablets and computers) and the services we access – both online and at work – from theft or damage.
It’s also about preventing unauthorised access to the vast amounts of personal information we store on these devices and online. The world relies on technology more than ever before. As a result, digital data creation has surged. Today, businesses and governments store a great deal of that data on computers and transmit it across networks to other computers. Devices and their underlying systems have vulnerabilities that, when exploited, undermine the health and objectives of an organization.
A data breach can have a range of devastating consequences for any business. It can unravel a company’s reputation through the loss of consumer and partner trust. The loss of critical data, such as source files or intellectual property, can cost a company its competitive advantage. Going further, a data breach can impact corporate revenues due to non-compliance with data protection regulations. It’s estimated that, on average, a data breach costs an affected organization $3.6 million. With high-profile data breaches making media headlines, it’s essential that organizations adopt and implement a strong cybersecurity approach.
Table of Contents
- Introduction
- Background Theory
- Aim and Objectives
- Discussion and Results
- Conclusions and Suggestions for Future Work
Introduction
Today, an increasing number of companies are connecting to the Internet to support sales activities or to provide their employees and customers with faster information and services.
The virtual world has taken over the real one, E-business and E-commerce, which are the new mantras and electronic transactions and dominate the overall business paradigm. In this rapidly evolving e-world that depends on free-flowing information, security is the major problem to be considered.
Security on the Internet is challenging. It is important because information has significant value. Implementing security involves assessing the possible threats to one’s network, servers and information. The goal is then to attempt to minimize the threat as much as possible.
This developing world of information technology has a negative side effects.
It has opened the door to antisocial and criminal behavior.
Network security is a complicated subject, historically only tackled by well-trained and experienced experts. However, as more and more people become “wired”, an increasing number of people need to understand the basics of security in a networked world. This document was written with the basic computer user and information systems manager in mind, explaining the concepts needed to read through the hype in the marketplace and understand risks and how to deal with them.
Some history of networking is included, as well as an introduction to TCP/IP and internetworking. We go on to consider risk management, network threats, firewalls, and more special-purpose secure networking devices.
This is not intended to be a “frequently asked questions” reference, nor is it a
“hands-on” document describing how to accomplish specific functionality.
It is hoped that the reader will have a wider perspective on security in general and better understand how to reduce and manage risk personally, at home, and in the workplace.
Network security is a level of guarantee that all the machines in a network are working optimally and the users of these machines only possess the rights granted to them.
This can include:
- preventing unauthorized people from acting on the system maliciously
- preventing users from performing involuntary operations that are capable ofharming the system
- securing data by anticipating failures
- guaranteeing that services are not interrupted
History
Internet security has been an issue since the Internet rose to an international phenomenon. By 1996, the Internet already connected 13 million computers, so early security protocols were required.
These protocols required computer information to be confidential, available, and have integrity. Because the Internet made information available to everyone, people needed network security to make their information confidential. Because otherwise harmless information can expose a computer network to compromise, network security was developed to close all loops.
Cybersecurity is top of mind for just about everyone. But when the internet’s first draft appeared a half-century ago, security wasn’t in the outline. The technical focus was on how to make this new packet-based networking scheme work. Security did not occur to the close-knit crew of academic researchers who trusted each other; it was impossible at the time for anyone else to access the fledgling network.
With today’s pervasive use of the internet, a modern surge in cyberattacks and the benefit of hindsight, it’s easy to see how ignoring security was a massive flaw.
Looking back at security events, the relatively short history of cybersecurity reveals important milestones and lessons on where the industry is heading.
Here are some key events that will help you understand how we’ve arrived at
today’s point of cybersecurity. We start in the 1970s with the first discovery of a computer virus. For the full list of cybersecurity events, download or purchase the History of Cybersecurity2019 Calendar. We chose a 1970s motif in honor of that decade’s importance to modern cybersecurity. For some fun, you can also test your knowledge of cybersecurity history with monthly trivia questions. All proceeds will be donated to the Computer History Museum and WiCyS (Women in Cybersecurity).
March 16, 1971 – Discovery of the Creeper Virus
Believe it or not, the idea of a computer virus preceded computer networks. Mathematician John von Neumann predicted the idea in the late 1940s, but it wasn’t until 30 years later before someone created one. During the age of ARPANET (the internet in its earliest form) in 1971, the few users of the network were surprised when their screens displayed the phrase: “I’m the creeper, catch me if you can.” At the time, users had no idea who or what it could be. Creeper was a worm, a type of computer virus that replicates itself and spreads to other systems; it was created by Bold, Beranek and Newman. Unlike today’s malicious viruses, all Creeper did was display messages.
Sept. 20, 1983 – The First U.S. Patent for Cybersecurity
As computers began to evolve, inventors and technology experts around the world were rushing to make history and claim patents for new computer systems. The first U.S. patent for cybersecurity came in September of 1983 when MIT was granted U.S. Patent 4,405,829 for a “cryptographic communications system and method.” The patent introduced the RSA (Rivest-Shamir-Adleman) algorithm, which was one of the first public key cryptosystems. Cryptography is the bedrock of modern cybersecurity.
June 9, 1993 – The First DEF CON Conference
DEF CON is one of the world’s most popular cybersecurity technical conferences. Started in June of 1993 by Jeff Moss, it opened in Las Vegas with roughly 100 people. Today the conference is attended by over 20,000 cybersecurity professionals from around the world.
February 1995 – The Birth of Secure Sockets Layer (SSL) 2.0
The security protocol that allows people to do simple things like purchase items online securely was made possible by the Secure Sockets Layer (SSL) internet protocol. Netscape began developing the SSL protocol shortly after the
National Applications released the first web browser. In February 1995, Netscape released SSL 2.0, which became the core of the language for securely using the web, called Hyper Text Transfer Protocol Secure. Today, when you see “HTTPS” in a website address, you know its communications with your browser are encrypted.
Oct. 1, 2003 – Anonymous is Born
Anonymous was the first universally known hacker group. The group has no leader and represents many online and offline community users. Together, they exist as an anarchic, digitized global brain. Wearing the mask of Guy Fawkes, the group gained national attention when the group hacked the Church of Scientology website with distributed DDoS attacks. Anonymous continues being linked to numerous high-profile incidents; its main cause is protecting citizens’ privacy.
Jan. 12, 2010 – Operation Aurora Reveals a Nation-as-Hacker
Before 2010, disclosures of security breaches were considered highly unusual. On Jan. 12 of that year, Google shocked the world when it announced “Operation Aurora,” a major breach of its infrastructure in China. Google initially thought the attackers’ goal was to access the Gmail accounts of Chinese human rights activists. Analysts discovered the true intent was identifying Chinese intelligence operatives in the U.S. who may have been on watch lists for American law enforcement agencies. The attacks also hit more than 50 companies in the internet, finance, technology, media and chemical sectors.
Recent Exploits, Countermeasures and Looking Forward
In recent years, massive breaches have hit name brands like Target, Anthem, Home Depot, Equifax, Yahoo, Marriott and more – compromising data for the companies and billions of consumers. In reaction, stringent regulations to protect citizen privacy, like the EU General
Data Protection Regulation (GDPR) and the new California Consumer Privacy Act are raising the bar for compliance. And cyberspace has become a digital battleground for nation-states and hacktivists. To keep up, the cybersecurity industry is constantly innovating and using advanced machine learning and AI-driven approaches, for example, to analyze network behavior and prevent adversaries from winning. It’s an exciting time for the market, and looking back only helps us predict where it’s going.
Need for Network Security
In the past, hackers were highly skilled programmers who understood the details of computer communications and how to exploit vulnerabilities. Today almost anyone can become a hacker by downloading tools from the Internet. These complicated attack tools and generally open networks have generated an increased need for network security and dynamic security policies.
The easiest way to protect a network from an outside attack is to close it off completely from the outside world. A closed network provides connectivity only to trusted known parties and sites; a closed network does not allow a connection to public networks.
Because they have no Internet connectivity, networks designed in this way can be considered safe from Internet attacks. However, internal threats still exist.
There is an estimate that 60 to 80 percent of network misuse comes from inside the enterprise where the misuse has taken place.
With the development of large open networks, security threats have increased significantly in the past 20 years. Hackers have discovered more network vulnerabilities, and because you can now download applications that require little or no hacking knowledge to implement, applications intended for troubleshooting and maintaining and optimizing networks can, in the wrong hands, be used maliciously and pose severe threats.
Aim and Objectives
This chapter should contain the following:
This Chapter describes the Overview of Network Security and also how individuals and organisations reduce the risk of cyber-attack.
- Title
- Overview of Network Security
- Aim
- The main aim is to Explain an Overview of Network Security
- The secondary aim is to Describe how we can avoid Cyber Attacks by using available methods Described in this Seminar.
- Objectives
- To tackle Ransomware
- To tackle Phishing
- Password-Based Attacks
- To Tackle Denial-of-Service Attacks
- Methods and Methodology/Approach to attain each objective
Objective No. | Statement of the Objective | Method/ Methodology | Resources Utilised |
1 | To tackle Ransomware | Back up Method Patch Method etc. |
Na |
2 | To tackle Phishing | By Installing Firewall By Rotating PasswordsRegularly etc. |
Na |
3 | To Tackle Denial-of-Service Attack | Limit broadcasting Streamline incident response etc. | Na |
4 | Password- BasedAttacks | Setting Password as per NCSC’s advice | Na |
Discussion and Results
Experts debated on what exactly constitutes Cyber crime or a computer-related crime. Even after several years, there is no internationally recognized definition of these terms.
A global definition of computer crime has not been achieved. Computer crime has been defined as “any illegal unethical or unauthorized behavior involving automatic processing or transmission of data”.
COMPUTER CRIME is any crime where –
- Computer is a target.
- Computer is a tool of crime
- Computer is incidental to crime
Threats come in two categories:
- Passive threats.
- Active threats.
Passive threats:
This involves monitoring the transmission data of an organization.
Here the goal of the assembler is to obtain information that is being transmitted. Passive threats are difficult to detect because they do not involve alterations of data. These are of two types:
- Release of message content.
- traffic analysis.
Active threats:
These threats involve some modification of the data stream or the creation of a false stream. These are of three types:
- Modification.
- Denial of message service.
- Masquerade.
REASONS FOR CYBER CRIME:
Capacity to store data in comparatively small space- The computer has unique characteristics of storing data in a very small space. This affords to remove information either through a physical or virtual medium, making it much easier.
Easy to access- the problem encountered in guarding a computer system from unauthorized access is that there is a possibility of breach not due to human error but due to the complex technology. By secretly implanted logic bombs, key loggers that can steal access codes, advanced voice recoders, retina imagers, etc., that can fool biometric systems and bypass firewalls can be utilized to get past many a security system.
Complex- Computers work on operating systems & these operating systems, in turn, are composed of millions of codes. The human mind is fallible & it is not possible that there might not be a lapse at any stage. The cybercriminals take advantage of these lacunas and penetrate into the computer system.
Negligence-Negligence is very closely connected with human conduct. It is, therefore, very probable that while protecting the computer system, there might be any negligence, which in turn provides a cybercriminal to gain access and control over the computer system.
Loss of evidence-Loss of evidence is a very common & obvious problem as all the data are routinely destroyed. Further collection of data outside the territorial extent also paralyses this system of crime investigation.
TYPES OF CYBER CRIMES:
- HACKING
- DENIAL OF SERVICE ATTACK
- VIRUS DISSEMINATION
- COMPUTER FROGERY
- CREDIT CARD FRAUD
- PHISHING
- SPOOFING
- CYBER STALKING
- THREATENING
- SALAMI ATTACK
HACKING:- Hacking involves gaining unauthorized access to a computer and altering the system in such a way as to permit continued access, along with changing the configuration, purpose, or operation of the target machine, all without the knowledge or approval of the systems owners.
DENIAL OF SERVICE ATTACK: – A Denial of Service (“DoS”) attack is a rather primitive technique that overwhelms the resources of the target computer, which results in the denial of server access to other computers. There are several different techniques that hackers use to “bring down” a server. As network administrators learn how to limit the damage of one technique, hackers often
create more powerful and more sophisticated techniques that force system administrators to continually react against assaults. In order to understand how to apply the law to these attacks, a basic understanding of the anatomy of the attacks is necessary. This is an act by the criminal, who floods the bandwidth of the victim’s network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide.
VIRUS DISSEMINATION: – This category of criminal activity involves either direct or search unauthorized access to computer systems by introducing new programs known as viruses, worms or logic bombs. The unauthorized modification, suppression or erasure of computer data or functions with the Internet to hinder the normal functioning of the system is clearly a criminal activity and is commonly referred to as computer sabotage.
Malicious code is computer code that is written with the sole intent to cause damage to a machine or to invade the machine to steal information. The most common forms of malicious code are viruses, worms, and Trojan programs VIRUS: (Vital information resources under seize).
A virus is a series of program codes with the ability to attach itself to legitimate programs and propagate itself to other computer programs. Viruses are file viruses and boot sector viruses.
It attacks the fat so that there is no sequence of file content, and it destroys the data content.
WORMS: (Write Once Read Many).
They are just added to the files, and they do not manipulate. It differs from a virus in that it does not have the ability to
LOGIC BOMB:
As it involves the programming, the destruction or modification of data is at a specific time in the future.
Why do people Create These Viruses?
- To distribute political messages.
- To attack the products of specific companies.
- Some consider their creations to be works of art and see them as a creative hobby.
- Financial gain from identity theft
CREDIT CARD FRAUD:- Intangible assets represented in a data format, such as money on deposits or hours of work are the most common targets related to fraud.
Modern business is quickly replacing cash with deposits transacted on computer system creating computer fraud. Credit card informationas well as personal and financial information on credit card has been frequently targeted by organized criminal crimes. Assets represented in data format often have a considerably higher value than traditionally economic assets resulting in potentially greater economic class.
Computer Forgery: This happens when data is altered which is stored in documents that are in computerized form. Computers however can also be used as instruments for committing forgery. A new generation of fraudulent alterationor duplication emerged when computerized color laser copies became available.
These copies are capable of high-resolution copying, and modification of documents that are even creating false document experts can only distinguish.
The widespread of computer networks is the need for people with common and shared interests to communicate with each other. Information can easily be represented and manipulated in electronic form. To meet the needs of sharing and communicating information, computers need to be connected, which is called a data communication network.
PHISHING:- Phishing is the mass distribution of “spoofed” e-mail messages, which appear to come from banks, insurance agencies, retailers or credit card companies and are designed to fool recipients into divulging personal data such as account names, passwords, or credit card numbers.
SPOOFING:- Getting one computer on a network to pretend to have the identity of another computer, usually one with special access Privileges, so as to obtain access to the other computers on the network.
Example: Pranab Mitra, a former executive of Gujarat Ambuja Cement, posed as a woman, Rita Basu, and created a fake e-mail ID through which he contacted one V.R. Ninawe, an Abu Dhabi businessman. After a long cyber relationship and emotional messages, Mitra sent an e-mail that ‘‘she would commit suicide’’ if Ninawe ended the relationship. He also gave him ‘‘another friend Ruchira Sengupta’s’’ e-mail ID, which was, in fact, his second bogus address. When Ninawe mailed at the other ID he was shocked to learn that Mitra had died and police is searching Ninawe. Mitra extorted few lacs Rupees as advocate fees, etc. Mitra even sent e-mails as high court and police officials to extort more money.
Ninawe finally came down to Mumbai to lodge a police case.
CYBER STALKING :- The Criminal follows the victim by sending emails, entering the chat rooms frequently. In order to harass a woman, her telephone number is given to others as if she wants to befriend males befriend males.
Example – Ritu Kohli (first lady to register the cyberstalking case) is a victim of cyber-stalking. A friend of her husband gave her phone number and name on a chat site for immoral purposes
THREATENING:- The Criminal sends threatening emails or comes in contact in chat rooms with Victim.
SALAMI ATTACK:- In such a crime, the criminal makes insignificant changes in such a manner that such changes would go unnoticed.
Criminal makes such a program that deducts a small amount like Rs. 2.50 per month from the account of all the customer of the Bank and deposit the same in their account. In this case, no account holder will approach the bank for such a small amount but the criminal gains a huge amount.
Example: – The Ziegler case wherein a logic bomb was introduced in the bank’s system, where 10% was deducted from every account and deposited in a particular account.
PRECAUTIONS TO PREVENT CYBER CRIME:
Nobody’s data is completely safe. But everybody’s computers can still be protected against would-be hackers. Here is your defense arsenal.
- Firewalls:
These are the gatekeepers to a network from the outside. Firewalls should be installed at every point where the computer system comes in contact with other networks, including the Internet, a separate local area network at the customer’s site or telephone company switch.
- Password protection:
At minimum, for each item they log on, all PC users should be required to type in a password that only they and the network administrator know. PC users should avoid picking words, phrases or numbers that anyone can guess easily, such as birth dates, a child’s name or initials. Instead, they should use cryptic phrases or numbers that combine uppercase and lowercase.
Letters such as the “The Moon Also Rises”. In addition, the system should require all users to change passwords every month or so and should lock out prospective users if they fail to enter the correct password three times in a row.
- Viruses:
Viruses generally infect local area networks through workstations.
You cannot get a virus or any system-damaging software by reading e-mail. Viruses and other system-destroying bugs can only exist in files, and e-mail is not a system file. Viruses cannot exist there. Viruses are almost always specific to the operating system involved.
Meaning, viruses created to infect DOS applications can do no damage to MAC systems and vice versa. The only exception to this is the Microsoft Word “macro virus”, which infects documents instead of the program.
- Encryption:
Even if intruders manage to break through a firewall, the data on a network can be made safe if it is encrypted. Many software packages and network programs – Microsoft Windows NT, Novel NetWare, and Lotus Notes, among others – offer encryption schemes that encode all the data sent on the network. In addition, companies can buy standalone encryption packages to work with individual applications. Almost every encryption package is based on an approach known as the public-private key.
Scrambled data is encoded using a secret key unique to that
transmission.
Receivers use a combination of the sender’s public key and their own private encryption key to unlock the secret code to decipher that message .
- Never send your credit card number to any site which is not secured.
- Uninstall unnecessary software
Severe threats in present age
Ransomware
- Normally loaded onto a computer via a download/attachment/link from an email or website.
- Will either lock the screen or encrypt your data.
- Once Ransomware is uploaded on your computer/tablet/phone, it is very difficult to remove without removing all of the data
- Wannacry attack 2017 – One of the biggest cyber attacks to occur.
- It is said to have hit 300,000 computers in 150 countries.
- Companies affected include; NHS, Renault, FedEx, Spanish telecoms and gas companies, German railways.
More than a third of NHS trusts in England and Wales were affected, with over 6,800 operations cancelled.
How to tackle Ransomware
- Back up – Keep a backed up copy of your data. Ensure it’s not permanently connected to the network.
- Patch- Keep your software up to date. Wannacry was successful as those affected computers hadn’t updated. The update contained a fix for the problem.
- Attachments- Don’t click on links from emails/SMS as this could easily be from an untrusted source and contain malware like Ransomware
Phishing
- Is the attempt to obtain sensitive information by deception.
- They will be after your login credentials and payment card details or to upload malware to your computer
- The email will normally impersonate a genuine company or person.
How to tackle the problem
- Don’t click any links on an email unless you can guarantee who it’s from.
- Use a trusted method of contacting the company via a phone number, app or website.
- Mark the email as spam and contact the organisation.
What to look out for when shopping on the Internet?
- Ensure you’re on the correct website
- HTTPS and the padlock- The ‘S’ stands for secure. This means you have a secure connection to the website. This should prevent a ‘man in the middle’ attack. It encrypts your data, and the receiver will be able to decrypt it, but if it is a fraudulent website, they will still obtain your information.
- Use a credit card/ PayPal when conducting online transactions.
Public Wi-Fi
- May not be trustworthy.
- They could share your information with other companies who operate in countries without any data protection.
- You may not know who is watching you whilst you’re online.
What to do and not do to
- Don’t use online banking on public Wi-Fi. Use your own data.
- Don’t conduct any purchases
- Use a virtual private network (VPN)
Passwords Advice
- Use one password per account.
- Three random words are the NCSC’s advice. Capitals, special characters and numbers are your own choice.
- If you follow this advice, your password’s security will be significantly increased against a brute force attack.
- Password managers can be helpful in storing your passwords.
Advice to avoid Most of the Cyber Attacks
- Update and migrate
- Activate your firewall
- Staff awareness
- Data encryption
- User accounts privileges, i.e., admin
- Cyber insurance
- Prepare Plan
Conclusions and Suggestions for Future Work
Student’s (Our) Opinion/Perspective
When it comes to businesses and cyber-attacks, hackers often seek to take advantage of your digital weaknesses to get hold of your networks, systems and other sensitive data.
Moreover, with the Internet becoming the primary place to do the majority of your business, it only brings with it a wealth of benefits and opportunities for attackers. This is what makes it important for you to ensure that your every operation is not only smooth but also as safe as possible.
In fact, we need to see to it that you’re able to store data, transact remotely and send emails in a timely and safe manner. Since cybercriminals are trying to steal your confidential data and disrupt the way your business functions, here I have mentioned the top three tips that you can implement in your organisation.
Let’s take a look.
Understand Who Our Enemy Is
Cyber attacks on your business can happen in various ways. This mainly includes unauthorised access to your systems and mobile devices, theft, attack on data for ransom, attack on your IT system and more.
This is why the very first step towards protecting your business from cyber attacks is to understand who your enemy is and where they could attack from.
Plan Ahead In Time
For every small-scale business, a streamlined approach is always key to the security of their crucial data – this is something that begins with you coming up with a robust and effective plan.
In order to do this, you need to first go through your own knowledge and skills, identify if you require additional help, and accordingly review the threats you’re likely to face.
Prevent, Identify and Respond
Once we’ve created a robust plan, the next step is to start implementing them; only that way will you be able to prevent, identify and respond to attacks.
Implementing steps basically means installing antivirus solutions, constantly updating your browser and software, restricting unauthorised access to vital information, creating strong policies regarding how a security update should be carried out and more.
Moreover, we need to amp up the security of your networks by using firewalls, access lists, proxies and more such solutions. Also, for remote working, have all your data encrypted, and store them in a place for authorised users only.
To Conclude
While these are the top three tips, there are more such ways you can protect your business from a cyber attack.
Relevance to Society
- Just as defensive driving improves the safety of other motorists on the road, or staying home when you’re sick prevents spreading the flu around your office, maintaining proper cyber security measures on your own devices affects the rest of the online community. As Forbes magazine reports,infected devices have a way of infecting other devices, and compromised systems can make everyone vulnerable.
- One of the most important groups to teach about cyber security is our youth. While they may not be banking or using credit cards to shop online, they can make it very easy for cyber criminals to access data through creating insecure personal accounts.
- Weak passwords and bad practices in email or social media make it much easier for others to hack into your account and gain access to your friends’ and family’s data. Whether it’s a bank account number, a photo best kept private, or complete identity theft, no one wants to be responsible for cybercrime on their loved ones.
Finally…
- Securing the cyberspace presents major challenges.
- Effectively facing the challenges require not only innovations but also collaborations among all communities (government, military, intelligence, legal, law enforcement, industries, academia, and the general public).
- Colleges and universities play a central part in the solution (workforce development, R&D, services).
- A non-profit research and education institute situated in a university can become an integrating and sharing platform for cyber security solutions.
- Computer Security is a continuous battle
- As computer security gets tighter, hackers are getting smarter!!!
- Computer and information security continue to grow in importance
- Nobody ever said this was going to be easy!
- Neglecting security is the worst thing we can do!!
References
- A Sophos Article 04.12v1.dNA, eight trends changing network security by James Lyne.
- Cyber Security: Understanding Cyber Crimes- Sunit Belapure Nina Godbole
- Computer Security Practices in Non-Profit Organisations – A NetAction Report by Audrie Krause.
- A Look back on Cyber Security 2012 by Luis Corrons – Panda Labs.
- International Journal of Scientific & Engineering Research, Volume 4, Issue 9, September-2013 Page nos.68 – 71 ISSN 2229-5518, “Study of Cloud Computing inHealthCare Industry “ by G.Nikhita Reddy,
G.J.Ugander Reddy
- IEEE Security and Privacy Magazine – IEEECS “Safety Critical Systems – NextGeneration “July/ Aug 2013.
- CIO Asia, September 3rd, H1 2013: Cyber security in malasia by Avanthi Kumar.